Authors: Juan Manuel García 1 ; Tomás Navarrete 1 and Carlos Orozco 2

Affiliations: 1 Instituto Tecnológico de Morelia, Mexico ; 2 FIRA - Banco de México, Mexico

Keyword(s): Intrusion detection, anomaly detection, time series analysis, Markov processes.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Intrusion Detection & Prevention

Abstract: We present an approach to anomaly detection based on the construction of a Hidden Markov Model trained on processor workload data. Based on processor load measurements, an HMM is constructed as a model of the system's normal behavior. Any observed sequence of processor load measurements that is unlikely to have been generated by the HMM is then considered an anomaly. We test our approach by taking real processor load data from a mail server to construct an HMM, and then we test it under several experimental conditions, including simulated DoS attacks. We show some evidence suggesting that this method could be successful in detecting attacks or misuse that directly affect processor performance.

CC BY-NC-ND 4.0

Paper citation in several formats:
Manuel García, J.; Navarrete, T. and Orozco, C. (2006). WORKLOAD HIDDEN MARKOV MODEL FOR ANOMALY DETECTION. In Proceedings of the International Conference on Security and Cryptography (ICETE 2006) - SECRYPT; ISBN 978-972-8865-63-4; ISSN 2184-3236, SciTePress, pages 56-60. DOI: 10.5220/0002099700560060

@conference{secrypt06,
author={Juan {Manuel García} and Tomás Navarrete and Carlos Orozco},
title={WORKLOAD HIDDEN MARKOV MODEL FOR ANOMALY DETECTION},
booktitle={Proceedings of the International Conference on Security and Cryptography (ICETE 2006) - SECRYPT},
year={2006},
pages={56-60},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002099700560060},
isbn={978-972-8865-63-4},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography (ICETE 2006) - SECRYPT
TI - WORKLOAD HIDDEN MARKOV MODEL FOR ANOMALY DETECTION
SN - 978-972-8865-63-4
IS - 2184-3236
AU - Manuel García, J.
AU - Navarrete, T.
AU - Orozco, C.
PY - 2006
SP - 56
EP - 60
DO - 10.5220/0002099700560060
PB - SciTePress